Carnegie Mellon University Totally Got Ripped Off By the FBI

Here’s a thought. Let’s say that out there right now, there’s a completely secret separate internet. A shadowy network where nefarious individuals trade illicit goods for untraceable software – the *holds flashlight in front of my face* DARKWEB.

And yes, okay, the Darkweb is totally a thing that you already know about. It currently supports an untraceable drug economy worth well over a billion dollars. You’ve probably bought weed on it, or if you haven’t, you know someone who has.

So, here’s a question: If you held the key that would allow the forces of law and order to unmask the faceless villains at the center of a secret drug trade, how much would you sell it for? $5 million? $10 million? Hell, even $50 million would comfortably vanish into the $1.2 billion take of a site like the Silk Road.

As it turns out, this situation totally happened, as least according to the director of the Tor Project, Robert Dingledine. Back in the middle of 2014, a security researcher from Carnegie Mellon University, Alexander Volynkin, was supposed to present a method of de-anonymizing Tor users at BlackHat (a security conference that’s basically Bonnaroo for security nerds). Days before the conference, his talk was pulled from the schedule. Later that year, the FBI pulled a massive raid aimed at de-anonymizing Tor users, known as Operation Onymous, which captured the ringleaders of several darknet markets.

It doesn’t take much to put two and two together and figure out that Alexander’s research was used to unmask these darknet proprietors. According to Dingledine, that surmise has been confirmed by information leaked from trials related to Operation Onymous itself.

Operation Onymous does raise some interesting ethical questions. For example: did the federal government gather any evidence about the individuals it hacked, or did they hack first and ask questions later? Is that legal? Running Tor, the anonymous network, is perfectly legal, even though it is being used by some criminals. The proprietors of Tor were not shown warrants, nor were they notified before the hack took place. Should that have happened? Will the Justice Department stonewall any and all of these questions while insisting it did everything to the letter? Probably yes, to the last one.

Anyway, here’s the answer to one question. How much do you get paid for taking down a billion-dollar criminal empire while simultaneously eroding due process and betraying the ethics of your profession?